Privacy Policy

Last Updated: 9/23/2025

1. INFORMATION WE COLLECT

1.1 Personal Information

Name and Contact Information: Full name, email address, phone number
Account Information: Username, password, profile preferences
Demographic Information: Age, location, academic interests
Academic Information: Current educational status, graduation year, major, GPA (optional)
Payment Information: We do NOT store payment information - this is handled securely by Stripe

1.2 Academic and Professional Information

Prospective Students: Current educational status, intended major, college interests, academic goals
College Insiders: University name, major, graduation year, academic achievements, extracurricular activities
Session Information: Booking details, session topics, feedback and reviews

1.3 Communication Data

Session Data: Session metadata (duration, participants, topics) - NO audio or video content is recorded
Support Communications: Emails and chat logs with customer support

1.4 Technical Information

Usage Data: Pages visited, time spent, features used
Cookies and Tracking: Analytics data, preference settings
Location Data: General location for service optimization

2. HOW WE USE YOUR INFORMATION

PLATFORM NOTICE: Campus Tea is a technology platform that facilitates connections between users. We do not provide educational services directly. All advice and educational content is provided by independent third-party users (Insiders) who are not our employees.

2.1 Service Provision

Account Management: Creating and maintaining user accounts
Matching Services: Connecting prospective students with appropriate Insiders
Session Facilitation: Scheduling and conducting video sessions
Payment Processing: Facilitating payments through Stripe (we do not store payment details)
Communication: Facilitating user interactions and support

2.2 Platform Improvement

Analytics: Understanding user behavior and platform usage
Feature Development: Creating new features based on user needs
Quality Assurance: Monitoring service quality and user satisfaction
Security: Protecting against fraud and unauthorized access

2.3 Marketing and Communications

Service Updates: Notifying users about platform changes
Promotional Content: Sharing relevant offers and features (with consent)
Educational Content: Providing college-related information and resources
Newsletters: Sending periodic updates about the platform

2.4 Operational Communications for Insiders

REQUIRED COMMUNICATIONS: Insiders must receive operational emails to maintain their account and provide services effectively.

We process email data for Insiders to send:

Booking Notifications: Meeting requests, confirmations, and schedule changes
Account Management: Profile updates, payment information, and account status
Platform Operations: Service updates, policy changes, and technical notifications
Financial Communications: Earnings statements, and payment confirmations
Student Interactions: Messages from prospective students and session communications
Support Services: Customer support responses and technical assistance
Compliance Requirements: Legal updates, policy changes, and regulatory notices

Note: Insiders may opt out of promotional emails but must receive operational communications to maintain platform functionality.

3. INFORMATION SHARING

3.1 With Other Users

Profile Information: Basic profile details visible to other users
Session Information: Booking details shared between matched users
Reviews and Ratings: Public reviews and ratings (anonymized)

3.2 With Service Providers

Payment Processors: Stripe handles all payment processing and stores payment information securely
Video Platform: Google Meet
Cloud Services: Google Cloud
Analytics Services: Google Analyticss

3.3 Legal Requirements

Law Enforcement: When required by legal process
Safety: To protect user safety and platform security
Legal Compliance: To comply with applicable laws and regulations

4. DATA SECURITY

4.1 Technical Safeguards

Encryption: All data encrypted in transit and at rest
Access Controls: Limited access to personal information
Regular Audits: Security assessments and vulnerability testing
Secure Infrastructure: Protected servers and databases
Payment Security: Payment information is handled exclusively by Stripe's secure systems

4.2 Administrative Safeguards

Staff Training: Privacy and security training for all employees
Data Minimization: Collecting only necessary information
Retention Policies: Deleting data when no longer needed
Incident Response: Procedures for handling data breaches

5. YOUR RIGHTS AND CHOICES

5.1 Access and Control

Account Settings: Update personal information and preferences
Data Export: Request a copy of your personal data
Data Deletion: Request deletion of your account and data
Communication Preferences: Opt out of marketing communications

6. DATA RETENTION

6.1 Retention Periods

Account Data: Retained while account is active
Session Data: Retained for 2 years for quality assurance
Communication Data: Retained for 1 year
Payment Data: We do not store payment data - Stripe handles retention according to their policies

6.2 Deletion Process

Account Deletion: Data deleted within 30 days of request
Anonymization: Some data may be anonymized rather than deleted
Legal Holds: Data may be retained longer for legal reasons

7. CHILDREN'S PRIVACY

7.1 Age Requirements

Minimum Age: Users must be at least 13 years old
Parental Consent: Users under 18 must have parental consent
COPPA Compliance: Special protections for users under 13

7.2 Parental Rights

Access: Parents can request access to their child's information
Deletion: Parents can request deletion of their child's data
Consent Withdrawal: Parents can withdraw consent at any time

8. CONTENT MONITORING AND PROHIBITED CONTENT

8.1 Content Monitoring and Recording Policy

NO RECORDING POLICY: Campus Tea does NOT record, monitor, or store video sessions, audio calls, or live communications between users. All sessions are private and not recorded by the platform.

As a platform that facilitates connections between users, Campus Tea monitors user-generated content to ensure compliance with our Terms of Service and to protect user safety. We collect and process data related to:

Content Moderation: Messages, profiles, and public content for inappropriate material
Safety Monitoring: Detection of harmful content including self-harm, violence, or illegal activities
Academic Integrity: Prevention of academic dishonesty and plagiarism
Platform Security: Detection of spam, fraud, or malicious activities
Independent Contractor Compliance: Ensuring Insiders comply with their independent contractor status
Session Metadata Only: We only collect session metadata (duration, participants, topics) - NO audio or video content

8.2 Prohibited Content Detection

We use automated systems and human review to detect and remove content related to:

Illegal Activities: Any content promoting illegal activities
Drug Use and Substance Abuse: Content promoting illegal drug use or substance abuse
Self-Harm and Suicide: Content promoting self-harm, suicide, or self-destructive behaviors
Terrorism and Violence: Content promoting terrorism, violent extremism, or acts of violence
Hate Speech: Content promoting hatred or discrimination
Sexual Content: Inappropriate sexual content or harassment
Dangerous Activities: Content promoting activities that could result in physical harm
Fraud and Scams: Content designed to deceive or defraud users

8.3 Data Processing for Safety

Automated Scanning: AI-powered content analysis for prohibited material in public content only
Human Review: Manual review of flagged content by trained moderators
Reporting: Reporting of illegal content to appropriate authorities when required by law
Account Actions: Data processing related to account warnings, suspensions, or terminations
No Session Recording: We do not process, store, or analyze audio or video content from sessions

9. INTERNATIONAL USERS

9.1 Data Transfers

Cross-Border Transfers: Data may be transferred internationally
Adequacy Decisions: Transfers to countries with adequate protection
Safeguards: Appropriate safeguards for international transfers

9.2 Regional Compliance

GDPR: Compliance with European data protection laws
CCPA: Compliance with California privacy laws
Other Jurisdictions: Compliance with applicable local laws

9. COOKIES AND TRACKING

9.1 Types of Cookies

Essential Cookies: Required for platform functionality
Analytics Cookies: Used to understand user behavior
Marketing Cookies: Used for targeted advertising
Preference Cookies: Used to remember user settings

9.2 Cookie Management

Browser Settings: Users can control cookies through browser settings
Opt-Out Tools: Available for certain tracking technologies
Third-Party Cookies: Limited use of third-party tracking

10. CHANGES TO THIS POLICY

10.1 Policy Updates

Notification: Users will be notified of significant changes
Review Period: 30-day notice for material changes
Consent: Continued use constitutes acceptance of changes

10.2 Version Control

Version History: Previous versions available upon request
Effective Date: Clear indication of when changes take effect
Archive: Previous policies maintained for reference

11. CONTACT INFORMATION

11.1 Privacy Questions

Email: admin@campustea.io

11.2 Data Protection Officer

Email: admin@campustea.io
Response Time: Within 72 hours for urgent matters

12. COMPLAINTS AND DISPUTES

12.1 Internal Process

Complaint Submission: Through support channels or email
Investigation: Thorough investigation of all complaints
Resolution: Timely resolution and response

12.2 External Recourse

Regulatory Authorities: Right to file complaints with data protection authorities
Legal Action: Right to pursue legal remedies
Arbitration: Alternative dispute resolution options